Re: On login trigger: take three
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Andres Freund <andres@anarazel.de>,
a.sokolov@postgrespro.ru,
Greg Nancarrow <gregn4422@gmail.com>,
Ivan Panchenko <wao@mail.ru>,
Teodor Sigaev <teodor@sigaev.ru>,
Ibrar Ahmed <ibrar.ahmad@gmail.com>,
vignesh C <vignesh21@gmail.com>,
Pavel Stehule <pavel.stehule@gmail.com>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>,
Amit Kapila <amit.kapila16@gmail.com>,
Masahiko Sawada <sawada.mshk@gmail.com>
Date: 2022-03-30T13:51:18Z
Lists: pgsql-hackers
> On 29 Mar 2022, at 00:40, Tom Lane <tgl@sss.pgh.pa.us> wrote: > > Andres Freund <andres@anarazel.de> writes: >> On 2022-03-28 23:27:56 +0200, Daniel Gustafsson wrote: >>> Do you think this potential foot-gun is scary enough to reject this patch? >>> There are lots of creative ways to cause Nagios alerts from ones database, but >>> this has the potential to do so with a small bug in userland code. Still, I >>> kind of like the feature so I'm indecisive. > >> It does seem like a huge footgun. But also kinda useful. So I'm really +-0. > > An on-login trigger is *necessarily* a foot-gun; I don't see that this > particular failure mode makes it any worse than it would be anyway. Agreed. > There has to be some not-too-difficult-to-use way to bypass a broken > login trigger. Assuming we are happy with the design for doing that, > might as well accept the hazards. The GUC in this patchset seems to be in line with what most in this thread have preferred, and with that in place (and single-user mode which still works for this) I think we have that covered. -- Daniel Gustafsson https://vmware.com/
Commits
-
Fix some typos in event trigger docs
- 5fce30e77fe1 17.0 landed
-
Use heap_inplace_update() to unset pg_database.dathasloginevt
- 8be93177c46b 17.0 landed
-
Remove the flaky check in event_trigger_login regression test
- 4b885d01f967 17.0 landed
-
Fix instable 006_login_trigger.pl test
- 06be01eb266b 17.0 landed
-
Add support event triggers on authenticated login
- e83d1b0c40cc 17.0 landed
-
Add GUC for temporarily disabling event triggers
- 7750fefdb2b8 17.0 landed
-
Fix typo in reference to __FreeBSD__.
- e52f8b301ed5 16.0 cited
-
Restore robustness of TAP tests that wait for postmaster restart.
- f452aaf7d4a9 14.0 cited
-
Restore the portal-level snapshot after procedure COMMIT/ROLLBACK.
- 84f5c2908dad 14.0 cited